M-PESA Africa Senior Specialist Cloud Security

About M-Pesa Africa

At M-Pesa Africa, we’re the heroes that make things happen.​

We are a united, energetic and passionate team. A place where leaders coach, teams connect, and everyone is empowered to go further, faster. A place where heroes become superheroes; through growth, opportunity, and the chance to work with the best minds in FinTech. ​

We are Africa’s largest FinTech providing services to more than 60 million customers and 5 million businesses solutions across Financial Services, Enterprise, Merchant and Retail. We are now well on our way to becoming the preferred digital payment method across the markets that we serve, for both in-store, remote and online payments. With headquarters in both Kenya and South Africa, we serve markets that include Kenya, Tanzania, DRC, Lesotho, Ghana, Egypt, Ethiopia, and Mozambique. 

About the Role

The Cloud Cybersecurity Principal Specialist is accountable for ensuring the security, integrity and confidentiality of Cloud-based systems and services. This role focuses on designing, implementing, managing and maintaining robust cybersecurity solutions and processes that protect cloud infrastructures, applications, and data across platforms such as AWS, Azure and Huawei Cloud.

• Manage the Security and Privacy by Design Assurance (SPDA) processes for MPA products and services both cloud-based;
• Design and implement cloud security architectures in alignment with best practices to protect cloud environments;
• Perform regular security assessments, vulnerability scans, and penetration testing on cloud-based systems;
• Monitor cloud environments for potential security threats and vulnerabilities;
• Develop, implement, and enforce cloud security policies and procedures;
• Ensure Secure Cloud Operations by the Cloud Team;
• Manage identity and access management (IAM) controls for cloud services;
• Provide recommendations for cloud security improvements and assist in implementing security controls to meet compliance requirements;
• Collaborate with development and operations teams to integrate security throughout the cloud development lifecycle (DevSecOps);
• Respond to and mitigate cloud security incidents, performing root cause analysis and applying lessons learned;
• Maintain up-to-date knowledge of cloud security trends, risks, and solutions.

Skills and Competencies:

• Strong knowledge of cloud platforms (AWS, Azure Cloud) and cloud-native security features.
• Experience with security tools like firewalls, intrusion detection/prevention systems (IDS/IPS), encryption, and security information event management (SIEM).
• Expertise in IAM, multi-factor authentication (MFA), and secure cloud infrastructure design.
• Experience with automation and scripting tools (e.g., Terraform, CloudFormation, Python) to enhance cloud security.
• Proficient in cloud security best practices, including monitoring, logging, and incident response.
   

Technical / professional qualifications:

• Minimum of six (6) years of experience in cybersecurity-related roles, three years (3) of which should be specialized Cloud Security.
• Degree in Electrical Eng/Computer Science/information Technology or equivalent Technology-related degree.
• Cloud certifications such as AWS Certified Security Specialty, Azure Security Engineer, or Google Professional Cloud Security Engineer.
• Security certifications like CISSP, CISM, or CEH are highly desirable.
• Hands-on experience with security tools and platforms in cloud environments.

We are the leading telecommunication company in East Africa. Our purpose is to transform lives by connecting people to people, people to opportunities and people to information. We keep over 42 million customers connected and play a critical role in the society, supporting over one million jobs both directly and indirectly while our total economic value was estimated at KES 362 Billion ($ 3.2 billion) for the 12 months through March 2021. We are listed on the Nairobi Securities Exchange (NSE) and with annual revenues of close to KES 298 Billion ($2.5 billion) as at March 2022. We were founded in 1997 as a fully owned subsidiary of Telkom Kenya before a 40 percent acquisition by Vodafone Group PLC in May 2000, and a public offering of 25 percent shares through the NSE in 2008. Under the management of Vodafone Group PLC, we welcomed Michael Joseph, as our first CEO, a few months later in July of 2000. He led the company’s growth to accommodate 16.71 million subscribers from the previous 20,000, largely owing to innovative products like M-PESA in 2007.